Introduction
To perform effectively and organize their accounting procedures, companies are expected to apply modern accounting information systems (AIS). The application of these systems requires following certain industry standards and regulations to address the principles of integrity and accountability. Therefore, much attention is paid to examining internal controls followed in a company and realizing required auditing procedures to guarantee the integrity of firms’ financial operations (Hall, 2016).
General Electric Company (GE) is a widely known American publicly traded conglomerate that is headquartered in Boston, Massachusetts, and operates in different countries. The following segments and divisions compose the company: GE Power, GE Aviation, GE Healthcare, GE Lighting, GE Digital, and others (General Electric Company, 2018). The purpose of this paper is to analyze internal controls and the AIS with reference to the example of General Electric.
Internal Controls
Components of KPMG’s Report on GE Internal Controls
KPMG LLP is an independent registered public accounting firm that provided the evaluation of GE’s internal controls for the period of three years, ending in December 2018. KPMG reports to the Audit Committee to provide the assessment of the company’s management and internal control over financial reporting with reference to the criteria set by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) (Internal Control–Integrated Framework) and the Public Company Accounting Oversight Board (PCAOB) (Petherbridge & Messier, 2016). The review of KPMG’s report allows for explaining its components with a focus on the criteria established by the COSO and the PCAOB.
The first section of the report is “Opinions on the Consolidated Financial Statements and Internal Control over Financial Reporting.” An independent auditor provided the name of the company and opinion regarding its success in maintaining effective internal control over financial reporting with reference to specific criteria. Thus, “the consolidated financial statements … present fairly, in all material respects, the financial position of the Company” (General Electric Company, 2018, p. 99).
GE maintained effective internal control over its financial reporting. The second component of the report should be “Basis for Opinion,” but KPMG also included the information on “Change in Accounting Principle” in the report to support the evaluation.
In “Basis for Opinion,” it is stated that GE’s management is absolutely responsible for maintaining efficient internal control over their financial reporting and assessing its effectiveness. There are also statements that the auditor is responsible for providing an opinion on General Electric’s internal control over financial reporting and that KPMG as an auditor is a public accounting firm registered with the PCAOB. Therefore, it is stated that the audit process was realized according to the standards and requirements of the PCAOB to obtain reasonable assurance for internal control practices to conclude regarding its effectiveness (General Electric Company, 2018).
There are also statements about the assessment of risks and weaknesses necessary to conclude on internal control over financial reporting and the auditor’s view that the audit has a reasonable basis for the stated opinion.
In “Definition and Limitations of Internal Control over Financial Reporting,” the auditor is required to include the specific definition of the internal control process over financial reporting, as well as a statement on inherent limitations, misstatements, and irrelevance of projections for internal control over financial reporting. In most cases, this section is followed by the signature, location, and date, but KPMG also added the information of reviewing “Accompanying Supplemental Information” as the additional basis for analysis (General Electric Company, 2018). The report on internal control over financial reporting provided by an independent auditor is organized according to the criteria of the COSO and the PCAOB, and differences in the number of report elements are possible.
Management’s Responsibility Relative to Internal Controls
The management of General Electric is responsible for preparing high-quality consolidated financial statements. Furthermore, management is responsible for guaranteeing the objectivity and integrity of these statements in the context of maintaining effective internal control over the company’s financial reporting (Lawson, Muriel, & Sanders, 2017). It is important for the management of any company, including General Electric, to properly collect fair financial data and present them in financial statements according to the accounting policies to demonstrate the firm’s performance and position (Hall, 2016).
In this context, management is also accountable for maintaining the integrity of the applied accounting information systems in General Electric. This approach is important to focus on analyzing only objective information for making necessary estimates and final judgments regarding the company’s performance (General Electric Company, 2019). All these activities are required to ensure that the data provided in financial statements are reliable and presented according to the related policies. The implemented accounting information system is developed to minimize risks associated with realizing internal control over financial reporting.
Implications of Computer Technology on Internal Control and Auditing Procedures
The application of computer technology is important in the sphere of companies’ internal control over financial accounting and auditing procedures. The reason is that companies need to operate, collect, store, and analyze large volumes of data that can be manipulated and organized effectively with the help of computers and specific programs and software. For enhancing auditing procedures, it is also effective to use Computer Assisted Audit Techniques (CAATs) (Ribeiro, 2017). The implications of applying such techniques, technologies, and systems are associated with improving the productivity of managers and auditors, decreasing time required for analyzing all company-related information, increasing accuracy of final reports, and improving the possibility to address accounting and auditing standards.
As a result of using computer technology for the internal control structure, it is possible to work with numerous transactions, files, records, and financial statements simultaneously, without a significant risk of omitting important data. Auditing procedures become more efficiently organized and properly conducted, increasing the integrity of final reports as a result of working with complex data.
Using computerized models, diagrams, flow charts, and other tools, auditors are able to analyze the control environment in a certain firm (Hall, 2016). Figure 1 provides a data flow diagram the represents an accounting process based on the application of computer technology (an information system) in General Electric. The focus is on illustrating the general accounting process and the flow of data for a payable account as a separate case. The diagram demonstrates the relationship between the use of information systems and an accounting cycle.
Audit Tests and Procedures
In KPMG’s report, it was stated that an independent auditor used procedures to evaluate risks of misstatement in financial statements based on the test approach. Thus, KPMG tested “evidence regarding the amounts and disclosures in the consolidated financial statements” (General Electric Company, 2018, p. 99). The evaluation of the applied accounting principles and the overall presentation of the company’s financial statements was also provided (General Electric, 2019).
Such audit tests of controls are important to determine how effectively internal controls function in a company, how risks can be prevented, and what level of a control risk is associated with these activities. Such audit tests and associated procedures include re-performance or tracing transactions in a company, observation, and inspection among others.
When the test based on tracing transactions is used, an auditor initiates a transaction to understand how it is operated and documented in the company and whether all related procedures are properly and fairly performed, for example, the guarantee of authorized access to data. The test based on observation is completed when an auditor observes how different transactions are operated to collect a sample of data to make final conclusions (Hall, 2016).
Inspection requires a more complex analysis of the case when an auditor examines data access procedures, the use of passwords, authorization, security issues, privacy issues, the number of data items, the relevance of conducted procedures, and others (Ribeiro, 2017). The reason is to examine the overall process of working with high-risk financial data in detail to determine possibilities for misstatement and fraud.
Accounting Information System
Primary Information Flows, Traditional Accounting Records and Magnetic Equivalents
The AIS contains all the accounting data related to a company, and it allows for working these records and transactions easily. In the business environment, there are internal and external primary flows of information presented in the form of documents or digital files. They include data received from and sent to customers, suppliers, and stakeholders (transactions, journals, reports, bills) as external sources of information. They also include different types of accounting documents, budget and performance data that can come from top management to the operations personnel and from these specialists to managers (Hall, 2016). As a result, it is possible to identify horizontal and vertical flows of information in organizations.
This information is usually presented in two forms: hard copies or digital files. Therefore, it is possible to focus on the relationship between using traditional accounting records operated manually and their magnetic equivalents for computers. Currently, firms, including General Electric as an example, reject using only manual models of working with data. In spite of using hard copies of documents, flow charts, journals, ledgers, and other records for manual systems, computer-based systems are applied in all organizations (General Electric, 2019).
Thus, in some cases, depending on legislation and regulations, some information is presented in both paper and digital forms, and in other cases, only digital copies can be used (Ribeiro, 2017). The use of magnetic equivalents of files and documents is important to operate data in numerous transaction cycles, apply analysis techniques, provide many copies of files, and share data easily. These systems support each other despite the prevalence of computer-based approaches.
Differences between Batch and Real-Time Processing
It is possible to distinguish between such transaction processing models realized with the help of computers as batch processing models and real-time systems. There are certain differences between these two approaches that are based on such factors as the information time frame, resources, and operational efficiency. In the context of batch processing, the time lag is observed between the economic event and the time of recording it.
As a result, the time lag can last minutes or days because certain transactions are united in groups for further processing. In real-time systems, there is no time lag, and processing occurs simultaneously with the economic event. Batch processing requires a limited number of resources, and real-time processing needs more resources, and it is more cost-consuming (Jinping & Caihong, 2015). In terms of operational efficiency, some records are processed for batches after economic events when in real-time processing, all records are processed immediately.
Both technologies have different effects on transaction processing. Batch processing allows for working with large volumes of data and many transactions, but it is time-consuming. Real-time processing allows immediate action, but it is characterized by operational inefficiency (Hall, 2016). GE uses both approaches in its different departments. Managers choose the approach to processing transactions depending on the requirement of immediate reactions to economic events that can influence the quality of cooperating with stakeholders.
Benefits of Adopting the REA Approach
In contrast to a traditional approach to the AIS, the REA (resources, events, and agents) approach depends on emphasizing three important components and their relationships. Resources have a certain economic value to a company, and they are objects of transactions and exchanges. The next component is economic and support events. The third component includes agents as the participants of economic events. The links between these components are within one accounting information system, and the benefits of using this model include the work with different types of data, including accounting and non-accounting information (Ahlawat & Vincelette, 2019). All these data are collected and stored in the database to address all the needs of agents to guarantee successful economic events.
In comparison to traditional models, the REA model allows for agents’ work with large volumes of accounting data in the most flexible and quick way as traditional approaches, such as the focus on ledgers to develop economic events and dependence on time lags do not prevent or limit managers’ activities. There are no stored paper artifacts in the system that can make the work with transactions longer (Hall, 2016). The focus is only on useful data to address needs of multiple users and support economic events. As a result, managers can concentrate only on value-added activities and improve all operations using this optimal system. Therefore, such conglomerates as General Electric use REA modeling in their branches to guarantee the accounting activities are correct and efficient.
Elements of ERP Systems and Risks Associated with Implementation
Enterprise resource planning (ERP) systems are selected by many companies because they allow for organizing and controlling varieties of operations in different departments, collection, analysis, and exchange of data, as well as its evaluation and storage. General Electric chooses ERP systems for their divisions, such as GE Aviation, GE Healthcare, GE Power, and others because their activities and operations are different, and various business needs should be met.
These ERP systems combine a range of programs and software, including accounting ones. The elements of ERP systems include servers to store data, databases, and computers to analyze and share information. As a result, functions of the ERP system differ depending on using core enterprise applications for daily activities and business analysis applications (Trigo, Belfo, & Estébanez, 2016). Thus, these systems cover companies’ everyday tasks and activities and analysis or evaluation processes.
However, the implementation of ERP systems is associated with certain risks and considerations to pay attention to. According to General Electric’s reports, these systems are complex and require organizational changes. Thus, staff opposition and cost-related issues are possible. Managers need to effectively organize the process of implementing the system, provide additional financial and material resources, employees need to be motivated and trained to work with these programs. There are also risks of selecting inappropriate ERP systems to integrate and realize weak implementation processes (Hall, 2016). In General Electric, much attention is paid to the cultural aspect to avoid the opposition of the staff to new processes and technologies.
Role of the Internal Control System in Business and Significance in the Auditing Process
The internal control system in a company is realized by managers and other qualified personnel for the purpose of assuring that all activities are reported effectively, business objectives are met, and financial reporting is accurate. The components include the environment, risk assessment, activities, and relationships between objectives, goals, and activities. As a result, the role of internal control is in evaluating all these components in terms of their efficiency to achieve business goals (Petherbridge & Messier, 2016). General Electric understands the importance of internal control and realizes it assigning qualified specialists to complete assessments according to the COSO regulations and norms. The focus is on guaranteeing that only sound practices are followed, and required authorization for financial activities is provided.
In the auditing process, the internal control system is significant as the presence of this system guarantees the management’s responsibility in presenting accurate financial information in consolidated statements. Since General Electric is subject to auditing, the presence of an effective internal control system is necessary to prevent the risk of identifying any fraud or misstatement (General Electric Company, 2018). Problems identified during auditing procedures and associated with a weak internal control system can lead to significant negative outcomes for General Electric and its stakeholders. To avoid misleading the public, imposing penalties, fees, and different sanctions, companies need to ensure their internal control is strong, and no problems are found out during an auditing process.
Auditing Techniques and GAAS, PCAOB, and COSO Requirements
Audits in such publicly traded companies as General Electric should be conducted according to the GAAS (Generally Accepted Audited Standards), PCAOB, and COSO requirements. For these activities, auditors actively apply CAATs. The reason for using these CAATs is the necessity of working with large volumes of data and conduct complex tests. In the case of using CAATs, the results of an auditing process will be more accurate, and the principle of integrity will be addressed (Hall, 2016; Lawson et al., 2017). Furthermore, the adherence to the GAAS, PCAOB, and COSO requirements can be guaranteed as risks of errors are minimal.
An auditing process based on following the GAAS, PCAOB, and COSO requirements means checking whether a company’s financial statements and released financial data correspond with the norms and regulations. The application of CAATs is most efficient in this case because of using tests of controls, evaluation methods based on technologies, tracing, simulations, and the integrated test facility (Trigo et al., 2016). General Electric auditors and independent auditors use these CAATs to ensure the evaluation process is realized effectively, and the application of manual techniques is less revenant for these processes.
Conclusion
General Electric as a publicly-traded company is subject to different types of auditing, and much attention should be paid to internal control. This paper has presented details on how the advantages and specifics of the AIS can be used to improve the control over financial reporting in companies similar to General Electric. The focus is on the effective application of computer-based tools to support accounting activities and on the integration of models to improve financial reporting. The analysis has also accentuated the techniques available for auditing with reference to the use of the AIS.
References
Ahlawat, S., & Vincelette, J. (2019). Enhancing knowledge integration with REA modeling in an AIS project. Journal of Information Systems Education, 23(2), 2-12.
General Electric. (2019). Investor relations. Web.
General Electric Company. (2018). 2018 Annual report. Web.
General Electric Company. (2019). 2019 Notice of annual meeting and proxy statement. Web.
Hall, J. A. (2016). Accounting information systems (9th ed.). Boston, MA: Cengage Learning.
Jinping, L., & Caihong, Z. (2015). The computer control in the application of AIS. In The 27th Chinese Control and Decision Conference (2015 CCDC) (pp. 2147-2152). Qingdao, China: IEEE.
Lawson, B. P., Muriel, L., & Sanders, P. R. (2017). A survey on firms’ implementation of COSO’s 2013 Internal Control–Integrated Framework. Research in Accounting Regulation, 29(1), 30-43.
Petherbridge, J., & Messier, W. F. (2016). The impact of PCAOB regulatory actions and engagement risk on auditors’ internal audit reliance decisions. Journal of Accounting and Public Policy, 35(1), 3-18.
Ribeiro, M. C. (2017). AIS auditing: Audit tools for a continuous auditing approach. In M. Quinn & E. Strauss (Eds.), The Routledge Companion to Accounting Information Systems (pp. 205-217). New York, NY: Routledge.
Trigo, A., Belfo, F., & Estébanez, R. P. (2016). Accounting Information Systems: Evolving towards a business process oriented accounting. Procedia Computer Science, 100, 987-994.